Techniques

The team here uses Open Source methods while investigating a digital or cyber resource, and collects data and evidence. At no point do any analyst or researcher here unlawfully access private data pursuant to guidance and rules set forth by COPPA. The analysts and researchers here do not provide a legal opinion, and does not 'hack back'. 

The output of any research or investigation is data that may be used by the reporter. This involves a roadmap of when/where/what to do next. This may involve the reporter making reports to legal entities. While the investigators will not ask for personal or private info, it is critical that all data or reports are factually true and believed to be factually true.

We can schedule an introduction phone or zoom call. Please see our calendar for availability.

Actions for Investigations

Techniques used include:

• Analyzing web/digital properties, both presentation and underlying public code.

  • Trademark search, https://www.uspto.gov/trademarks/search 

  • Linked libraries

  • DMCA filings, https://www.lumendatabase.org/ 

• DarkWeb, DeepWeb, TOR analysis where appropriate.

  • DarkGPT, DarkBERT, and other LLMs or models specifically tuned to security.

• Network forensics, such as WhoIS/Historical WhoIS.

  • https://ip-geolocation.whoisxmlapi.com/lookup

  • https://research.domaintools.com/research/whois-history/

• VirusTotal, reputation services, and cached versions of sites from resources like the Wayback Machine

  • https://www.virustotal.com/gui/home/upload

  • https://archive.org/web/

  • https://cachedview.com/

• Compilation of previous reports, history of scam-like behavior, history of hosting malware or offensive code.

  • www.scamadvisor.com

  • https://www.getsafeonline.org/checkawebsite/

  • https://consumer.ftc.gov/scams

  • https://www.usa.gov/scams-and-fraud

• Consultation with your local police department to set up a proper case. This generally must be done with the precinct local to where the reporter is.

• Consultation on which additional police departments may need to be contacted. If this is a multistate or multicountry, mapping out and GeoLocating the physical locations of datacenters is critical.

• Background checks, criminal history, neighborhood reports, sex offender search (these are often not free)

• Instructions on how to report to:

  • The State attorney general, https://www.usa.gov/state-consumer 

  • The FTC, https://reportfraud.ftc.gov/#/ 

  • The FBI, https://www.fbi.gov/how-we-can-help-you/safety-resources/scams-and-safety 

  • The SEC, https://www.sec.gov/tcr 

  • The IRS, https://www.irs.gov/privacy-disclosure/report-phishing , https://www.irs.gov/businesses/small-businesses-self-employed/tax-scams-how-to-report-them 

  • Front-facing proxy services, https://www.cloudflare.com/trust-hub/reporting-abuse/ , https://docs.gandi.net/en/domain_names/common_operations/whois_privacy.html 

  • Hosting providers such as namecheap, GoDaddy, hostinger, and more.

Finally, a writeup and courtesy phone call or zoom meeting. This service at this time, June 9th 2023 is free. Restrictions may be made based on time requirements, complexity, scope, and timeliness.

Whats Next

Start a case by agreeing to the truthfulness and accuracy of reports, and clicking on Contact.

Errata

This service is presented As-Is. No warranties stated or implied. eCrime Investigations is not a law practice, law enforcement, or private detective. We may suggest such services depending on the case.

All information in any reports may be used by you for appropriate applications. Any portion that is referenced must be complete and in context, and attribution to the original documents and reports must be given.